Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:maven/org.jboss.resteasy/resteasy-core@4.6.1.Beta3

Type maven

Namespace org.jboss.resteasy

Name resteasy-core

Version 4.6.1.Beta3

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 4.7.8.Final

Latest_non_vulnerable_version 6.2.3.Final

Affected_by_vulnerabilities

url VCID-df6d-zkkc-nug5

vulnerability_id VCID-df6d-zkkc-nug5

summary

Information Exposure Through an Error Message
A flaw was found in RESTEasy where the endpoint class and method names are returned as part of the exception response when RESTEasy cannot convert one of the request URI path or query values to the matching JAX-RS resource method's parameter value. The highest threat from this vulnerability is to data confidentiality.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20289.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20289.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-20289

reference_id

reference_type

scores

value	0.00084
scoring_system	epss
scoring_elements	0.2456
published_at	2026-06-05T12:55:00Z

value	0.00084
scoring_system	epss
scoring_elements	0.24458
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-20289

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1935927

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1935927

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=1941544

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=1941544

reference_url

https://issues.redhat.com/browse/RESTEASY-2843

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.redhat.com/browse/RESTEASY-2843

reference_url

https://security.netapp.com/advisory/ntap-20210528-0008

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20210528-0008

reference_url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://www.oracle.com/security-alerts/cpuapr2022.html

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2021-20289

reference_id

CVE-2021-20289

reference_type

scores

value	5.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2021-20289

reference_url	https://access.redhat.com/errata/RHSA-2021:3700
reference_id	RHSA-2021:3700
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3700

reference_url	https://access.redhat.com/errata/RHSA-2021:3880
reference_id	RHSA-2021:3880
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:3880

reference_url	https://access.redhat.com/errata/RHSA-2021:4100
reference_id	RHSA-2021:4100
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4100

reference_url	https://access.redhat.com/errata/RHSA-2021:4676
reference_id	RHSA-2021:4676
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4676

reference_url	https://access.redhat.com/errata/RHSA-2021:4677
reference_id	RHSA-2021:4677
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4677

reference_url	https://access.redhat.com/errata/RHSA-2021:4679
reference_id	RHSA-2021:4679
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4679

reference_url	https://access.redhat.com/errata/RHSA-2021:4767
reference_id	RHSA-2021:4767
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:4767

reference_url	https://access.redhat.com/errata/RHSA-2021:5149
reference_id	RHSA-2021:5149
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5149

reference_url	https://access.redhat.com/errata/RHSA-2021:5150
reference_id	RHSA-2021:5150
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5150

reference_url	https://access.redhat.com/errata/RHSA-2021:5151
reference_id	RHSA-2021:5151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5151

reference_url	https://access.redhat.com/errata/RHSA-2021:5154
reference_id	RHSA-2021:5154
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5154

reference_url	https://access.redhat.com/errata/RHSA-2021:5170
reference_id	RHSA-2021:5170
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2021:5170

reference_url	https://access.redhat.com/errata/RHSA-2022:0146
reference_id	RHSA-2022:0146
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0146

reference_url	https://access.redhat.com/errata/RHSA-2022:0151
reference_id	RHSA-2022:0151
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0151

reference_url	https://access.redhat.com/errata/RHSA-2022:0152
reference_id	RHSA-2022:0152
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0152

reference_url	https://access.redhat.com/errata/RHSA-2022:0155
reference_id	RHSA-2022:0155
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0155

reference_url	https://access.redhat.com/errata/RHSA-2022:0164
reference_id	RHSA-2022:0164
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:0164

reference_url	https://access.redhat.com/errata/RHSA-2022:1179
reference_id	RHSA-2022:1179
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:1179

reference_url	https://access.redhat.com/errata/RHSA-2022:6407
reference_id	RHSA-2022:6407
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2022:6407

reference_url	https://usn.ubuntu.com/7351-1/
reference_id	USN-7351-1
reference_type
scores
url	https://usn.ubuntu.com/7351-1/

reference_url	https://usn.ubuntu.com/7630-1/
reference_id	USN-7630-1
reference_type
scores
url	https://usn.ubuntu.com/7630-1/

fixed_packages

url	pkg:maven/org.jboss.resteasy/resteasy-core@4.6.1
purl	pkg:maven/org.jboss.resteasy/resteasy-core@4.6.1
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-core@4.6.1

url pkg:maven/org.jboss.resteasy/resteasy-core@4.7.0.Final

purl pkg:maven/org.jboss.resteasy/resteasy-core@4.7.0.Final

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-ka7b-vp4z-d7bu

resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-core@4.7.0.Final

aliases CVE-2021-20289, GHSA-244r-fcj3-ghjq

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-df6d-zkkc-nug5

url VCID-ka7b-vp4z-d7bu

vulnerability_id VCID-ka7b-vp4z-d7bu

summary

Insecure Temporary File in RESTEasy
In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0482.json

reference_id

reference_type

scores

value	5.3
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0482.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-0482

reference_id

reference_type

scores

value	0.0005
scoring_system	epss
scoring_elements	0.16037
published_at	2026-06-05T12:55:00Z

value	0.0005
scoring_system	epss
scoring_elements	0.15953
published_at	2026-06-04T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-0482

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0482
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0482

reference_url

https://github.com/orgs/resteasy/discussions/3415

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/orgs/resteasy/discussions/3415

reference_url

https://github.com/orgs/resteasy/discussions/3504

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/orgs/resteasy/discussions/3504

reference_url

https://github.com/orgs/resteasy/discussions/3506

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/orgs/resteasy/discussions/3506

reference_url

https://github.com/resteasy/resteasy

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy

reference_url

https://github.com/resteasy/Resteasy

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/Resteasy

reference_url

https://github.com/resteasy/resteasy/pull/3409

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy/pull/3409

reference_url

https://github.com/resteasy/resteasy/pull/3409/commits/807d7456f2137cde8ef7c316707211bf4e542d56

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:02:39Z/

url

https://github.com/resteasy/resteasy/pull/3409/commits/807d7456f2137cde8ef7c316707211bf4e542d56

reference_url

https://github.com/resteasy/resteasy/pull/3410

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy/pull/3410

reference_url

https://github.com/resteasy/resteasy/pull/3412

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy/pull/3412

reference_url

https://github.com/resteasy/resteasy/pull/3413

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy/pull/3413

reference_url

https://github.com/resteasy/resteasy/pull/3423

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy/pull/3423

reference_url

https://github.com/resteasy/resteasy/security/advisories/GHSA-2c6g-pfx3-w7h8

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://github.com/resteasy/resteasy/security/advisories/GHSA-2c6g-pfx3-w7h8

reference_url

https://issues.redhat.com/browse/RESTEASY-3286

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://issues.redhat.com/browse/RESTEASY-3286

reference_url

https://security.netapp.com/advisory/ntap-20230427-0001

reference_id

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://security.netapp.com/advisory/ntap-20230427-0001

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031728
reference_id	1031728
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031728

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031729
reference_id	1031729
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031729

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2166004

reference_id

2166004

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://bugzilla.redhat.com/show_bug.cgi?id=2166004

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2023-0482

reference_id

CVE-2023-0482

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	MODERATE
scoring_system	generic_textual
scoring_elements

url

https://nvd.nist.gov/vuln/detail/CVE-2023-0482

reference_url	https://github.com/advisories/GHSA-jrmh-v64j-mjm9
reference_id	GHSA-jrmh-v64j-mjm9
reference_type
scores
url	https://github.com/advisories/GHSA-jrmh-v64j-mjm9

reference_url

https://security.netapp.com/advisory/ntap-20230427-0001/

reference_id

ntap-20230427-0001

reference_type

scores

value	5.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-18T16:02:39Z/

url

https://security.netapp.com/advisory/ntap-20230427-0001/

reference_url	https://access.redhat.com/errata/RHSA-2023:2705
reference_id	RHSA-2023:2705
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2705

reference_url	https://access.redhat.com/errata/RHSA-2023:2706
reference_id	RHSA-2023:2706
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2706

reference_url	https://access.redhat.com/errata/RHSA-2023:2707
reference_id	RHSA-2023:2707
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2707

reference_url	https://access.redhat.com/errata/RHSA-2023:2710
reference_id	RHSA-2023:2710
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2710

reference_url	https://access.redhat.com/errata/RHSA-2023:2713
reference_id	RHSA-2023:2713
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:2713

reference_url	https://access.redhat.com/errata/RHSA-2023:3185
reference_id	RHSA-2023:3185
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:3185

reference_url	https://access.redhat.com/errata/RHSA-2023:4983
reference_id	RHSA-2023:4983
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:4983

reference_url	https://access.redhat.com/errata/RHSA-2023:5165
reference_id	RHSA-2023:5165
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:5165

reference_url	https://access.redhat.com/errata/RHSA-2023:6305
reference_id	RHSA-2023:6305
reference_type
scores
url	https://access.redhat.com/errata/RHSA-2023:6305

reference_url	https://usn.ubuntu.com/7351-1/
reference_id	USN-7351-1
reference_type
scores
url	https://usn.ubuntu.com/7351-1/

reference_url	https://usn.ubuntu.com/7630-1/
reference_id	USN-7630-1
reference_type
scores
url	https://usn.ubuntu.com/7630-1/

fixed_packages

url	pkg:maven/org.jboss.resteasy/resteasy-core@4.7.8.Final
purl	pkg:maven/org.jboss.resteasy/resteasy-core@4.7.8.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-core@4.7.8.Final

url	pkg:maven/org.jboss.resteasy/resteasy-core@5.0.6.Final
purl	pkg:maven/org.jboss.resteasy/resteasy-core@5.0.6.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-core@5.0.6.Final

url	pkg:maven/org.jboss.resteasy/resteasy-core@6.2.3.Final
purl	pkg:maven/org.jboss.resteasy/resteasy-core@6.2.3.Final
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-core@6.2.3.Final

aliases CVE-2023-0482, GHSA-2c6g-pfx3-w7h8, GHSA-jrmh-v64j-mjm9

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ka7b-vp4z-d7bu

Fixing_vulnerabilities

Risk_score 3.1

Resource_url http://public2.vulnerablecode.io/packages/pkg:maven/org.jboss.resteasy/resteasy-core@4.6.1.Beta3

Package Instance